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REMARKS/ARGUMENTS 

Claims 5, 7-12 and 43-50 are pending in the present application. Claims 5, 7-12 and 43-50 
stand rejected. Claim 5, 43, and 44 have been amended. No claims have been canceled or 
added. Reconsideration of claims 5, 7-12, and 43-50 in light of the present remarks is 
respectfully requested. 

Rejections Under 35 U.S.C. § 103 

The Examiner has rejected claims 5, 7-12 and 43-50 under 35 U.S.C. § 103 as being 
unpatentable over U.S. Patent No. 6,473,794 to Guheen et al. in view of U.S. Patent No. 6,298,444 
to Foss et al. Applicants respectfully traverse the rejection. 

Claim 5 is directed to a method for protecting a network server from being used as the basis 
of an attack on a network client. Among other elements, amended claim 5 requires "scanning said 
trusted portion of said network server for particular characters, said particular characters being 
associated with said selected protocol and removing said particular characters such that the 
security risk posed by said selected character is reduced." As explained in the specification, a 
Web site typically includes various pages, each having a unique URL. Users of the site may place 
an elevated trust in certain servers or certain portions of servers (such as those corresponding to 
financial institutions or merchants who are reputable). The certain servers or portions of servers in 
which the elevated trust is placed are referred to as a trusted portion. (See Application, pg. 27, 11. 
32-35). In the context of reducing or eliminating undesirable executable code, data provided to the 
trusted portion of a Web site may be monitored for dangerous characters. In one example, scripting 
languages, such as JavaScript, are frequently encoded with script instructions placed between angle 
brackets ("<" and ">"). In this manner, only the trusted portion of the network server is scanned 
for "<" and ">" characters that are associated with the JavaScript protocol and those characters are 
removed. (See Application, pg. 28, 11. 9-29). The remainder of the network server is not scanned. 

As noted by the Examiner, Guheen does not explicitly disclose scanning said portion of said 
network server for particular characters, said particular characters being associated with said 
selected protocol and removing said particular characters such that a security risk posed by said 
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selected protocol is reduced. Applicants respectfully submit that Foss does not cure the deficiencies 
of Guheen. 

Foss is directed to a network security system that prevents unwanted email messages from 
entering a network by selectively checking portions of the email. Foss fails to disclose, teach, or 
suggest restricting access to a trusted portion of a network server and scanning the trusted portion 
of the of the network server for particular characters, as required by claim 1 . Instead, Foss discloses 
a mail guard device 207, which scans all electronic mail messages sent from outside the network. 
(Foss, col. 4, 11. 5-6). Similarly, FIG. 2 discloses that the mail guard 207 scans all e-mail message 
received from outside the private network 204 (i.e., e-mail 205 from server 203). Foss does not 
disclose, teach, or suggest scanning only certain e-mail messages received from outside the 
network. In fact, all e-mail messages received from outside the network must be scanned. While 
only a portion of the email message is scanned, every email message received from the server 203 
must be scanned before being admitted to the private network 204. As a result, Foss fails to 
disclose, teach, or suggest restricting access to a trusted portion of a network server and scanning 
the trusted portion of the of the network server for particular characters, as required by claim 1 

In addition, Applicants submit there is no motivation to modify Foss to scan only certain e- 
mail messages which are received from outside the network, instead of scanning all e-mail 
messages received from outside the network, because such a modification would destroy the 
intended function of Foss. Foss discloses that prior art mail relay systems were particularly 
vulnerable to attack from external sources because there are no significant barriers from keeping an 
external source from corrupting e-mail messages sent to the relay. (Foss, col. 1, 1. 66 - col. 2, 1. 3). 
In order to solve this problem, Foss discloses that every e-mail which is received from outside the 
network is scanned. However, by scanning every e-mail message, the system disclosed in Foss 
becomes inefficient because every e-mail message must now be scanned. 

Claim 5 on the other hand, requires that a portion of the network server is scanned. As 
stated in the specification, "data provided to the trusted portion of the Web site may be monitored 
and/or modified before being returned to the user (1304 and 1306)." (See Application, pg. 28, Ins. 
12-14) In this manner, security is enhanced without reduction in system efficiency because only a 
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portion of the website is scanned. If Foss were modified to scan only certain e-mail messages 
received from outside the network, the intended function of Foss would be destroyed. It is 
inappropriate to propose a modification for an obviousness inquiry, when such a modification 
would render a prior art reference inoperable for its intended purpose. See In re Fritch, 972 F.2d 
1260,1265 n.l2(Fed.Cir. 1992). 

As noted above, Guheen and Foss, alone or in combination, fail to disclose, teach, or suggest 
"scanning said trusted portion of said network server for particular characters, said particular 
characters being associated with said selected protocol and removing said particular characters 
such that the security risk posed by said selected character is reduced," as required by claim 5. As 
a result, Applicants respectfully submit that claim 5 is patentable over Guheen in view of Foss. 
Additionally, claims 7-12 depend from claim 5, and include all the elements of claim 5. Therefore, 
Applicants respectfully submit that claims 7-12 are also patentable over Guheen in view of Foss. 

Claim 43 is directed to a computer-implemented method for protecting a network server 
from being used as the basis for an attack on a network client. Similar to claim 5, among other 
elements, claim 43 requires "scanning a trusted portion of said network server for particular 
characters associated with a protocol." As explained in the specification, in the context of 
reducing or eliminating undesirable executable code, data provided to the trusted portion of a Web 
site may be monitored for dangerous characters. In one example, scripting languages, such as 
JavaScript, are frequently encoded with script instructions placed between angle brackets ("<" and 
">"). In this manner, only the trusted portion of the network server is scanned for "<" and ">" 
characters that are associated with the JavaScript protocol and those characters are removed. (See 
Application, pg. 28, Ins. 9-29). The remainder of the network server is not scanned. 

As noted above with respect to claim 5, Guheen fails to disclose, teach, or suggest 
"scanning a trusted portion of said network server for particular characters associated with a 
protocol" as required by claim 43. As a result, Applicants respectfully submit that claim 43 is 
patentable over Guheen in view of Foss. Additionally, claims 44-50 depend from claim 43, and 
include all the elements of claim 43. Therefore, Applicants respectfully submit that claims 44-50 
are also patentable over Guheen in view of Foss. 
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CONCLUSION 



In view of the foregoing remarks, Applicants respectfully submit that all of the claims in the 
Application are in allowable form and that the Application is in condition for allowance. If, 
however, any outstanding issues remain, Applicants respectfully urge the Examiner to telephone 
Applicants' undersigned attorney so that the same may be resolved and the Application expedited to 
issue. Applicants respectfully request the Examiner to indicate all claims as allowable and to pass 
the Application to issue. 
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